Ticket-based spectrum authorization and access control

ABSTRACT

Aspects describe spectrum authorization, access control, and configuration parameters validation. Devices in an ad-hoc or peer-to-peer configuration can utilize a licensed spectrum if the devices are authorized to use the spectrum, which can be determined automatically. Aspects relate to distribution of authorization tickets by an authorization server as a result of validating a device's credentials and services to which the device is entitled. An exchange and verification of authorization tickets can be performed by devices as a condition for enabling a validated wireless link using the spectrum.

RELATED APPLICATIONS

This application is a continuation of U.S. patent application Ser. No. 12/209,432, entitled “TICKET-BASED SPECTRUM AUTHORIZATION AND ACCESS CONTROL,” filed Sep. 12, 2008, the entire contents of which are hereby incorporated by reference for all purposes.

BACKGROUND

I. Field

The following description relates generally to wireless communications and more particularly to authorizing communications over a licensed spectrum.

II. Background

Wireless communication systems are widely deployed to provide various types of communication and to transfer information regardless of where a user is located (inside or outside a structure) and whether a user is stationary or moving (e.g., in a vehicle, walking). For example, voice, data, video and so forth can be provided through wireless communication systems. A typical wireless communication system, or network, can provide multiple users access to one or more shared resources. For instance, a system may use a variety of multiple access techniques such as Frequency Division Multiplexing (FDM), Time Division Multiplexing (TDM), Code Division Multiplexing (CDM), Orthogonal Frequency Division Multiplexing (OFDM), and others.

Generally, wireless communication networks are established through a device communicating with a base station or access point. The access point covers a geographic range or cell and, as the device is operated, the device can be moved in and out of these geographic cells.

A network can also be constructed utilizing solely peer-to-peer devices without utilizing access points or the network can include both access points and peer-to-peer devices. These types of networks are sometimes referred to as ad hoc networks. Ad hoc networks can be self-configuring whereby when a device (or access point) receives communication from another device, the other device is added to the network. As devices leave the area, they are dynamically removed from the network. Thus, the topography of the network can be constantly changing.

Ad-hoc networks enable communication devices to transmit and/or receive information while on the move. Communication is established using the spectrum, which is a valuable, limited resource comprising a broad range of electromagnetic radio frequencies utilized in the transmission of multiple types of data. Ad-hoc networks may be communicatively coupled to other public or private networks, for example through wired and/or wireless access points, in order to enable the transfer of information to and from a device. Such ad-hoc networks typically include a multitude of devices communicating in a peer-to-peer manner. Ad-hoc networks may also include beacon points that emit strong signals to facilitate peer-to-peer communication amongst devices. For example, emitted beacons can contain timing information to aid in timing synchronization of such devices. These beacon points are positioned to provide wide area coverage as the device travels within and across different coverage areas.

If a communication system does not require operator-owned access points but utilizes a licensed spectrum belonging to a spectrum owner/licensee/provider, only authorized devices should be enabled to use the spectrum. In order for the spectrum owner/licensee to be reimbursed for the spectrum license fees, authorization for the spectrum is granted for devices associated with users or organizations that possess a business relationship with the spectrum provider or a broker representative thereof.

Thus, the spectrum provider can control use of its spectrum by employing an authorization server, which is a core network node or set of nodes that communicate with devices on a timeline or upon events as prescribed by user service agreements or by spectrum provider administration, in order to authenticate and authorize the devices to utilize the spectrum according to their service agreements.

Associated with ad-hoc communication using the spectrum is a series of configuration parameters necessary to properly make use of such links. These parameters are Internet Protocol (IP) addresses, upper-layer or network-layer identifiers, service identifiers, and the like. Misconfiguration of these parameters can result in security breaches. For example, if a (misbehaving) device is able to utilize an IP address belonging to another network node as if that (stolen) IP address belongs to the misbehaving device, peers communicating with the misbehaving device may inadvertently cause data traffic intended for the network node to be redirected to the misbehaving device.

SUMMARY

The following presents a simplified summary of one or more aspects in order to provide a basic understanding of such aspects. This summary is not an extensive overview of all contemplated aspects, and is intended to neither identify key or critical elements of all aspects nor delineate the scope of any or all aspects. Its sole purpose is to present some concepts of one or more aspects in a simplified form as a prelude to the more detailed description that is presented later.

In accordance with one or more aspects and corresponding disclosure thereof, various aspects are described in connection with authorization of devices to communicate directly with other devices utilizing the licensed spectrum. In accordance with some aspects, the authorization is based on prescribed user/service agreements. Configuration parameters that are employed to enable correct use of the spectrum can be vouched for by the spectrum provider authorization server and, thus, can be verified by peer devices. Such peer devices can be spectrum-authorized and are provided with authorized configuration parameters that can be utilized in the process of peer-to-peer/ad-hoc communication utilizing the spectrum.

An aspect relates to a method for spectrum authorization and access control. The method includes obtaining a first authorization ticket for a first device issued by a trusted third party. The method also includes receiving from a second device a second authorization ticket for the second device. The second authorization ticket is issued by the trusted third party or another trusted party. The method also includes establishing a validated communication session with the second device.

Another aspect relates to a wireless communications apparatus that includes a memory and a processor. The memory retains instructions related to obtaining a first authorization ticket for a first device issued by a trusted third party and receiving from a second device a second authorization ticket for the second device. The second authorization ticket is issued by the trusted third party or another trusted party. The memory also retains instructions related to establishing a validated communication session with the second device. The processor is coupled to the memory and is configured to execute the instructions retained in the memory.

A further aspect relates to a wireless communications apparatus that facilitates spectrum authorization and access control. The apparatus includes means for obtaining a first authorization ticket for a first device issued by a trusted third party and means for conveying the first authorization ticket to a second device. The apparatus also includes means for receiving from the second device a second authorization ticket for the second device. The second authorization ticket is issued by the trusted third party or another trusted third party. Also included in the apparatus is means for validating the second authorization ticket for the second device and means for establishing a validated communication session with the second device if the validation of the second authorization ticket is successful.

Yet another aspect relates to a computer program product that comprises a computer-readable medium that includes a first set of codes for causing a computer to obtain a first authorization ticket for a first device issued by a trusted third party. The computer-readable medium also includes a second set of codes for causing the computer to receive from a second device a second authorization ticket for the second device and a third set of codes for causing the computer to validate the second authorization ticket. The second authorization ticket is issued by the trusted third party or another trusted party. The computer-readable medium also includes a fourth set of codes for causing the computer to establish a validated communication with the second device if the second authorization ticket is valid.

Still another aspect relates to at least one processor configured to provide spectrum authorization and access control. The processor includes a first module for obtaining a first authorization ticket for a first device issued by a trusted third party and a second module for transmitting the first authorization ticket to a second device. A third module for receiving from the second device a second authorization ticket for the second device is also included in the processor. The second authorization ticket is issued by the trusted third party or another trusted third party. Further, the processor includes a fourth module for validating the second authorization ticket for the second device and a fifth module for establishing a validated communication session with the second device if the validation of the second authorization ticket is successful.

Another aspect relates to a method for spectrum authorization and access control. The method includes receiving a request from a first device for system access and performing authentication of the first device. The method also includes allowing (authorizing) system access for the first device and creating an authorization ticket for the first device based on the authorized system access.

A further aspect relates to a wireless communications apparatus that includes a memory and a processor. The processor is coupled to the memory and is configured to execute the instructions retained in the memory. The memory retains instructions related to receiving a request from at least a first device for system access and performing authentication of the at least a first device. The memory also retains instructions related to allowing (authorizing) system access to the first device and generating an authorization ticket for the at least a first device based in part on the authorized system access.

Still another aspect relates to a wireless communications apparatus that provides spectrum authorization. The apparatus includes means for receiving a request from at least a first device for system access and means for performing authentication of the at least a first device. The apparatus also includes means for allowing (authorizing) system access to the at least a first device and a means for generating an authorization ticket for the at least a first device based in part on the authorized system access of at least a first device.

Yet another aspect relates to a computer program product that comprises a computer-readable medium. The computer-readable medium includes a first set of codes for causing a computer to receive a request from a first device for system access and a second set of codes for causing the computer to perform authentication of the first device. The computer-readable medium also includes a third set of codes for causing the computer to allow (authorize) system access to the first device and a fourth set of codes for causing the computer to generate an authorization ticket for the first device based on the authorized system access.

A further aspect relates to at least one processor configured to provide spectrum authorization. The processor includes a first module for receiving a request from at least a first device for system access and a second module for performing authentication of the at least a first device. The processor also includes a third module for allowing/authorizing system access to the at least a first device and a fourth module for generating an authorization ticket for the at least a first device based in part on the authorized system access provided to the at least a first device. The authorization ticket comprises an identity of the at least a first device, a validity range during which the authorization ticket is valid, and a cryptographic signature.

To the accomplishment of the foregoing and related ends, the one or more aspects comprise the features hereinafter fully described and particularly pointed out in the claims. The following description and the annexed drawings set forth in detail certain illustrative features of the one or more aspects. These features are indicative, however, of but a few of the various ways in which the principles of the various aspects may be employed. Other advantages and novel features will become apparent from the following detailed description when considered in conjunction with the drawings and the disclosed aspects are intended to include all such aspects and their equivalents.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates a wireless communication system in accordance with various aspects.

FIG. 2 illustrates a system for spectrum use authorization.

FIG. 3 illustrates a flow diagram of the operation of a device obtaining authorization from an authorization server.

FIG. 4 illustrates an example authorization ticket that can be utilized with the disclosed aspects.

FIG. 5 illustrates a flow diagram of an operation of two devices establishing a validated communication link by first validating spectrum use authorization and/or associated configuration parameters in accordance with the various aspects disclosed herein.

FIG. 6 illustrates a system for ticket-based spectrum authorization and access control in accordance with one or more aspects.

FIG. 7 illustrates a system for spectrum authorization and access control.

FIG. 8 illustrates a system for validation of ticket-based configuration parameters.

FIG. 9 illustrates another system for validation of ticket-based configuration parameters.

FIG. 10 illustrates a method for spectrum authorization and access control.

FIG. 11 illustrates a method for spectrum authorization and access control.

FIG. 12 illustrates a method for validating ticket-based configuration parameters.

FIG. 13 illustrates a method for validation of ticket-based configuration parameters.

FIG. 14 illustrates a system that facilitates ticket based authorization and validation in accordance with the disclosed aspects.

FIG. 15 illustrates an example system that facilitates spectrum authorization and access control in an ad hoc (peer-to-peer) environment.

FIG. 16 illustrates an example system that provides spectrum authorization.

FIG. 17 illustrates an example system that validates ticket-based configuration parameters in a communication environment.

FIG. 18 illustrates an example system that validates ticket-based configuration parameters.

DETAILED DESCRIPTION

Various aspects are now described with reference to the drawings. In the following description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of one or more aspects. It may be evident, however, that such aspect(s) may be practiced without these specific details. In other instances, well-known structures and devices are shown in block diagram form in order to facilitate describing these aspects.

As used in this application, the terms “component”, “module”, “system”, and the like are intended to refer to a computer-related entity, either hardware, firmware, a combination of hardware and software, software, or software in execution. For example, a component may be, but is not limited to being, a process running on a processor, a processor, an object, an executable, a thread of execution, a program, and/or a computer. By way of illustration, both an application running on a computing device and the computing device can be a component. One or more components can reside within a process and/or thread of execution and a component may be localized on one computer and/or distributed between two or more computers. In addition, these components can execute from various computer readable media having various data structures stored thereon. The components may communicate by way of local and/or remote processes such as in accordance with a signal having one or more data packets (e.g., data from one component interacting with another component in a local system, distributed system, and/or across a network such as the Internet with other systems by way of the signal).

Furthermore, various aspects are described herein in connection with a device. A device can also be called, and may contain some or all of the functionality of a system, subscriber unit, subscriber station, mobile station, mobile, wireless terminal, device, mobile device, remote station, remote terminal, access terminal, user terminal, terminal, wireless communication device, wireless communication apparatus, user agent, user device, or user equipment (UE). A mobile device can be a cellular telephone, a cordless telephone, a Session Initiation Protocol (SIP) phone, a smart phone, a wireless local loop (WLL) station, a personal digital assistant (PDA), a laptop, a handheld communication device, a handheld computing device, a satellite radio, a wireless modem card and/or another processing device for communicating over a wireless system. Moreover, various aspects are described herein in connection with a base station. A base station may be utilized for communicating with wireless terminal(s) and can also be called, and may contain some or all of the functionality of, an access point, Node B, or some other network entity.

Various aspects or features will be presented in terms of systems that may include a number of devices, components, modules, and the like. It is to be understood and appreciated that the various systems may include additional devices, components, modules, etc. and/or may not include all of the devices, components, modules etc. discussed in connection with the figures. A combination of these approaches may also be used.

Referring now to FIG. 1, illustrated is a wireless communication system 100 in accordance with various aspects. System 100 comprises a base station 102 that can include multiple antenna groups. For example, one antenna group can include antennas 104 and 106, another group can comprise antennas 108 and 110, and an additional group can include antennas 112 and 114. Two antennas are illustrated for each antenna group; however, more or fewer antennas can be utilized for each group. Base station 102 can additionally include a transmitter chain and a receiver chain, each of which can in turn comprise a plurality of components associated with signal transmission and reception (e.g., processors, modulators, multiplexers, demodulators, demultiplexers, antennas, etc.), as will be appreciated by one skilled in the art. Additionally, the base station 102 can be a home base station, a Femto base station, and/or the like.

Base station 102 can communicate with one or more devices such as device 116; however, it is to be appreciated that base station 102 can communicate with substantially any number of devices similar to device 116. As depicted, device 116 is in communication with antennas 104 and 106, where antennas 104 and 106 transmit information to device 116 over a forward link 118 and receive information from device 116 over a reverse link 120.

In a frequency division duplex (FDD) system, forward link 118 can utilize a different frequency band than that used by reverse link 120, for example. Further, in a time division duplex (TDD) system, forward link 118 and reverse link 120 can utilize a common frequency band.

In addition, devices 122 and 124 can be communicating with one another, such as in a peer-to-peer configuration. Moreover, device 122 is in communication with device 124 using links 126 and 128. In a peer-to-peer ad hoc network, devices within range of each other, such as devices 122 and 124, communicate directly with each other without a base station 102 and/or a wired infrastructure to relay their communication. Additionally, peer devices or nodes can relay traffic. The devices within the network communicating in a peer-to-peer manner can function similar to base stations and relay traffic or communications to other devices, functioning similar to base stations, until the traffic reaches its ultimate destination. The devices can also transmit control channels, which carry information that can be utilized to manage the data transmission between peer devices.

A communication network can include any number of devices or nodes that are in wireless communication. Each device or node can be within range of one or more other devices or nodes and can communicate with the other devices/nodes or through utilization of the other devices/nodes, such as in a multi-hop topography (e.g., communications can hop from node to node until reaching a final destination). For example, a sender device may wish to communicate with a receiver device. To enable packet transfer between sender device and receiver device, one or more intermediate devices can be utilized. It should be understood that any device can be a sender device and/or a receiver device and can perform functions of either sending and/or receiving information at substantially the same time (e.g., can broadcast or communicate information at about the same time as receiving information and/or at a different time).

System 100 can be configured to enable usage of a spectrum for data communication by authorized devices, wherein devices that are not authorized (e.g., traditional or common devices) cannot use the spectrum. Authorization tickets can be distributed by a trusted third party after validation of a device's credentials and the services to which the device is entitled. Further, system 100 can mandate the exchange and verification of authorization tickets by devices as a condition for configuring a wireless link utilizing the spectrum.

FIG. 2 illustrates a system 200 for spectrum use authorization. System 200 can be configured to enable communications authorized (or vouched for) by a spectrum provider (or a trusted third party) to occur between devices (e.g., in a peer-to-peer manner) or between devices and base stations.

System 200 includes an authorization server 202 and a configuration parameters database 204. The authorization server 202 can be co-located or communicatively coupled to the configuration parameters database 204. Also included in system 200 are devices, labeled device₁ 206 and device_(N) 208, where N is an integer. Devices 206, 208 can be mobile devices and/or base stations that operate similar to mobile devices in accordance with the disclosed aspects (e.g., the fact that the base stations are typically connected to other networks or infrastructure is not relevant to the disclosed aspects). Devices 206, 208 can communicate with each other (illustrated by bidirectional communication link 210), and with other devices wirelessly. Further, devices 206, 208 can communicate with authorization server 202 wirelessly or through wired links (illustrated by bidirectional communication links 212 and 214). If the communication between a device 206, 208 and the authorization server 202 is wireless, the communication may or may not be through a licensed spectrum, such as the licensed spectrum that is used by devices 206, 208 to communicate with each other. In accordance with some aspects, the link between devices (link 210) and the links between one or more devices 206, 208 and the authorization server 202 (links 212 or 214) can be the same link or a similar link.

Authorization server 202 can selectively distribute authorization for use of a spectrum, such as a licensed spectrum, to one or more devices 206, 208. The authorization can be distributed in the form of an authorization ticket, illustrated as authorization ticket₁ 216 and authorization ticket_(M) 218, where M is an integer. The authorization ticket 216, 218 can include various information such as a device identifier, a validity period, a cryptographic signature of the authorizing device (e.g., authorization server 202), as well as other information. Further information relating to the authorization ticket will be provided below.

The authorization tickets 216, 218 can be utilized by the devices 206, 208 to enable communication among the devices 206, 208. In accordance with some aspects, the authorization tickets 216, 218 can be utilized to authorize a certain use (e.g., to authorize services) of the spectrum. In accordance with some aspects, the authorization tickets 216, 218 can be distributed to the one or more devices 206, 208 using a network layer protocol. It should be understood that a device to which authorization to the (licensed) spectrum is not given does not receive an authorization ticket.

To distribute the authorization tickets, authorization server 202 can periodically (e.g., once a month, another predetermined interval) communicate with the one or more devices 206, 208 and provide the appropriate authorization ticket to each device individually. For example, authorization server 202 can transmit a new authorization ticket having a different validity range than an authorization ticket that was previously transmitted to the device. Each device 206, 208 receives an authorization ticket that is different from an authorization ticket provided to another device. For example, authorization server 202 transmits authorization ticket₁ 216 to device₁ 206 and authorization ticket_(M) 218 to device_(N) 208. Each device 206, 208 can retain its authorization ticket, such as in a storage media.

The devices 206, 208 exchange the authorization tickets to establish a validated communication link 210 between each other. Thus, device₁ 206 sends authorization ticket₁ 216 to device_(N) 208 and device_(N) 208 sends authorization ticket_(M) 218 to device₁ 206. Validation of the authorization tickets allows the devices (e.g., two mobile devices, a mobile device and an access point, and so forth) to communicate in a peer-to-peer manner in accordance with the disclosed aspects. If a device is not able to validate the authorization ticket of the device with which it desires to communicate, a validated communication link is not established between the devices.

FIG. 3 illustrates a flow diagram 300 of the operation of a device obtaining authorization from an authorization server. The authorization server 202 can be a trusted party that issues authorization tickets to devices, such as Device₁ 206. It should be appreciated that authorization server 202 can issue authorization tickets to a multitude of devices at substantially the same time, or at different times. However, only one device is illustrated for purposes of simplicity.

To initiate issuance of an authorization ticket, the device 206 sends an Authorization Request Message 302 that contains at least a unique identifier of the device (e.g., Device_ID_1). In accordance with some aspects, the Authorization Request Message 302 can include other credential information, such as a public key.

The device 206 can be triggered to send the Authorization Request Message 302 based on detection of an upcoming expiration of a previously obtained authorization ticket (e.g., the authorization ticket the device is currently using to communicate with other devices). In accordance with some aspects, sending the Authorization Request Message 302 can be triggered by an order for user applications to enable a wireless link while there is no valid authorization ticket retained in the device (e.g., in a storage medium).

Additionally or alternatively, the device 206 can be triggered to send the Authorization Request Message 302 based on a request received from the authorization server 202. The authorization server 202 can transmit the request for administrative reasons and/or based on an indication that an amount or quota of data that was authorized to be sent/received by the device under the previous authorization ticket has been (or will be) exceeded. In this alternative aspect, a message (not shown) is received from the authorization server 202 prior to the transmission of the Authorization Request Message 302.

At substantially the same time as receiving the Authorization Request Message 302, the authentication server 202 verifies the identity of the device 206 and the services to which the device 206 is entitled (e.g., the services that have been purchased, services allowed under a current plan, services allowed for no cost during a promotion period, and so forth). This is illustrated by the double bidirectional arrows at 304 (Authentication Mechanism). This verification process can be referred to as “authentication”, “authorization”, “accounting protocol”, and/or “authentication protocol”. Examples of such protocols include Transport Layer Security (TLS), Internet Key Exchange (IKE), and others.

In accordance with some aspects, device 206 sends credential information in response to a channel message sent by authorization server 202 as part of the message exchange 304. According to other aspects, both the device 206 and the authorization server 202 exchange respective credential information in order to perform a mutual authentication procedure and typically secure the communication channel between the device 206 and authorization server 202.

If the identity of the device 206 is verified, the authentication server 202 assigns/generates configuration parameters and includes this information in an authorization ticket created by the authentication server 202. Additionally or alternatively, authentication server 202 can assign/generate the configuration parameters in conjunction with one or more other databases or servers.

In accordance with some aspects, the newly created authorization ticket is substantially the same as a previous authorization ticket provided to the device 206. However, the newly created authorization ticket can have a different validity period (start time/end time) and a different cryptographic signature. In accordance with some aspects, the newly created authorization ticket can include authorization for services that are the same or different from the services authorized by the previous authorization ticket (e.g., more services, fewer services, different services). Further information relating to the authorization ticket will be described in further detail with reference to FIG. 4.

The newly created authorization ticket is sent to the device 206 in an Authorization Response Message 306. According to some aspects, the authorization ticket might be encrypted with the intent that the ticket can only be decrypted by the device for which it is intended (e.g., device 206). The device 206 can retain the authorization ticket in a storage medium for later use to establish a validated communication link with other devices.

FIG. 4 illustrates an example authorization ticket 400 that can be utilized with the disclosed aspects. It should be understood that the illustrated and described authorization ticket 400 is provided for ease of understanding this detailed description and other authorization tickets can be utilized.

Included in authorization ticket 400 are a device identifier 402, a validity period 404, and a cryptographic signature 406 of the authorizing server, covering the entire ticket 400 data. The validity period 404 includes a start time (e.g., not before: <date/time>) and an end time (e.g., not after: <date/time>). A validity period 404 can create a level of security because, if an authorization ticket is fraudulently obtained by a misbehaving device, upon expiration, that authorization ticket will no longer be usable by the misbehaving device.

In accordance with an optional aspect, the authorization ticket 400 can contain information that can be utilized to authenticate the ticket holder (e.g., device). This information, represented as optional by the dashed line at 408, can be in the form of a digital certificate, a public key, a hash of a public key belonging to the device as indicated by the device identifier 402, as well as other authentication means.

Additionally or alternatively, the authorization ticket 400 can include an optional (denoted by the dashed line) list of (or a representation of) the types of services 410 that the device, identified by device identifier 402, is permitted to consume using the spectrum in a peer-to-peer or a group manner (e.g., voice or video calls, data exchange with a maximum or minimum rate, receipt of special broadcast information, and so forth). According to some aspects, the information 410 on allowed services is taken into account by other devices that are validating the ticket 400 such that the other device(s) can decide whether and how to enable a validated communication link. If the valid communication link is enabled, the other device(s) can configure the link to carry only the type of data and/or data rate specified in the list of the types of services allowed.

The authorization ticket 400 may also optionally contain (as noted by the dashed line) other configuration or enabling information 412. This other information 412 can include a piece of data given out to all authorized devices and utilized in an ad-hoc network to configure the physical or media access control channels, so that only authorized devices can communicate using these channels. In accordance with some aspects, the other information 412 includes configuration information and/or an assigned parameters list, which can be utilized by other devices that are validating the authorization ticket in order for the other devices to determine how to correctly configure the link.

FIG. 5 illustrates a flow diagram 500 of an operation of two devices establishing a validated communication link by first validating spectrum use authorization and/or associated configuration parameters in accordance with the various aspects disclosed herein. When a first device (Device_1) 206 desires to communicate with one or more other devices (Device_N) 208 using the spectrum, the first device 206 transmits a Connection Request Message 502. The Connection Request Message 502 includes an identifier of the first device 206 (e.g., "ID-Device-1"). In accordance with some aspects, the Connection Request Message 502 includes an authorization ticket that identifies (and that belongs to) the first device 206.

The second device 208 can respond to the Connection Request Message 502 with a Connection Response Message 504 that contains an identifier of the second device 208 (e.g., "ID-Device-N"). In accordance with some aspects, the Connection Response Message 504 can be transmitted after the second device 208 verifies the contents of the authorization ticket received from the first device 206. The Connection Response Message 504 can include an authorization ticket that identifies (and that belongs to) the second device 208. At substantially the same time as receiving the Connection Response Message 504, the first device 206 can verify the contents of the authorization ticket received from the second device 208.

Either or both of the Connection Request Message 502 and the Connection Response Message 504 can contain the public key(s) associated with the device sending the message (e.g., "public-key-1", "public-key-N"). In accordance with some aspects, either or both messages 502, 504 include a complete digital certificate.

In an optional aspect, as denoted by dashed line 506, one or more other messages can be exchanged. These other messages 506 can be sent with the purpose of achieving mutual identity authentication. For example, the first device 206 can authenticate the identity of the second device 208 (e.g., verify identity "ID-Device-N") and the second device 208 can authenticate the identity of the first device 206 (e.g., verify identity "ID-Device-1").

A purpose of messages 502, 504, and optionally 506, is to achieve mutual identity authentication. The mutual identity authentication is different from the authorization verification process. In accordance with some aspects, both the mutual identity authentication and the authorization verification processes can be performed at substantially the same time.

According to various aspects, identity authentication can be achieved by employing digital certificates. For example, two devices 206, 208 can engage in a protocol whereby each device transmits its certificate and other information (e.g., a random number or nonce). This exchange can assist in verifying that the other device is indeed in possession of the private key associated with the presented certificate.

In accordance with some aspects, the identity authentication can also result in establishing a shared secret key that can be utilized to secure the communication channel between devices 206 and 208.

According to other aspects, the digital certificate utilized for identity authentication and establishment of communication channel security can be the same as the spectrum authorization ticket. In this case, the identity authentication task and the authorization task are combined.

An authorization exchange takes place wherein the first device 206 sends an Authorization Request Message 508 to the second device 208. The Authorization Request Message 508 can include an authorization ticket of the first device 206. The second device 208 can respond with an Authorization Response Message 510 that can contain an authorization ticket of the second device 208.

At substantially the same time as receiving the Authorization Request Message 508, the second device 208 can verify the received authorization ticket (included in the message) of the first device 206. In a similar manner, at substantially the same time as receiving an Authorization Response Message 510, the first device 206 can verify the authorization ticket (included in the message) of the second device 208. Verification of the respective authorization tickets includes confirming that the identifier in the ticket is the same identifier as the identifier that was validated during the mutual identity authentication, as discussed above.

It should be noted that, in accordance with some aspects, only verifying the authorization ticket might not be enough to achieve a proper amount of security. Therefore, the verification process can also include device or user identity authentication. According to this aspect, "authorization ticket verification" refers to the verification of the server-generated ticket (e.g., authorization ticket) and that the ticket belongs to the device sending the ticket, as identified by the identifier included in the ticket. Additionally or alternatively, the authorization ticket either has the form of a digital certificate or also includes a device or user digital certificate. Thus, in accordance with this aspect, each device needs to prove that it is the rightful owner of the presented authorization ticket. In accordance with some aspects, ownership of a digital certificate can be verified by showing a verifying entity proof of possession of the private key associated with a public key that is present in the certificate.

In an optional aspect, as represented by dashed line 512, another security and/or configuration protocol may be administered between devices 206 and 208 for the purpose of secure key derivation and possibly other configurations.

After completion of the mutual verification of identities and authorization tickets, a link is configured utilizing the information/assigned parameters included in the exchanged authorization tickets. After configuration of the valid link, user data can be exchanged, at 514, between the devices 206 and 208 over the validated communication link.

It should be noted that the flow chart illustrated and described with reference to FIG. 5 is for illustration purposes only. For example, the mutual verification of identities and authorization tickets can be performed at times other than upon receipt of a connection message. Further, tasks such as identity verification and authorization verification can be combined. Additionally, identities can be exchanged and verified at a later time as part of the authorization ticket exchange and associated security protocols. Additionally or alternatively, messages sent by the first device 206 can be combined (e.g., messages 502 and 508; messages 502, 506, 508, and 512) in one or several messages. In a similar manner, messages from the second device 208 can be combined (e.g., messages 504 and 510; messages 504, 506, 510, and 512) in one or several messages.

In accordance with some aspects, authorization tickets can be obtained by a first device 206 through means other than directly from the second device 208. For example, the second device 208 can transmit its (unique) identifier and the first device 206 utilizes the identifier to retrieve and verify the second device's authorization ticket, which can be obtained from a server or local database.

According to various aspects, both devices 206, 208 verify the other device's identity and authorization ticket prior to allowing user data or other protocol data to flow, at 514, on the shared wireless link using the spectrum. It should also be understood that a similar process could be undertaken by more than two devices (e.g., when group wireless communication is employed using broadcast/multicast mechanisms). In multi-device scenarios, each device should successfully validate the authorization tickets granted to the other devices in the communication group prior to activating the wireless link or links to carry other data.

According to some optional aspects, other enforcement schemes can be utilized at substantially the same time as the spectrum use authorization validation described herein. For example, wireless sensor points can be placed over a geographical area. These sensor points can listen for unauthorized wireless data exchange. In another example, legitimate nodes can actively listen and report communication that was not preceded by the exchange of valid authorization tickets, if the system requires that tickets be explicitly exchanged.

In accordance with another aspect, the first device 206 obtains an authorization ticket (e.g., from an authentication server) authorizing spectrum-use services of type "A" only (e.g., voice calls only). When establishing a communication between the first device 206 and another device (e.g., the second device 208), each device transmits its authorization ticket to the other device. If the second device 208 is entitled to services of type "A", the link is enabled for exchanging data of type "A" only. If at a later time the first device 206 desires to exchange data of type "B" (e.g., video) with the second device 208, the second device 208 does not cooperate because the second device 208 is configured to not allow such data (e.g., type "B") to be sent and/or received.
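As an added example that is not part of the patent text and not code from any product it describes, the following Go program models the ticket of FIG. 4 (fields 402 through 410) and the checks a receiving device performs on a ticket from messages 508/510 in FIG. 5, ending with the type "A"-only service gating just described. It assumes an Ed25519 key pair for the authorizing server in place of signature 406, JSON as the ticket encoding, a SHA-256 hash of the holder's public key as the binding information 408, and constructed device identifiers, validity times and service lists.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

// TicketBody is the signed part of the ticket; the numbers are FIG. 4 reference numerals.
type TicketBody struct {
	DeviceID      string   `json:"device_id"`                 // 402
	NotBefore     int64    `json:"not_before"`                // 404 start, Unix seconds
	NotAfter      int64    `json:"not_after"`                 // 404 end, Unix seconds
	HolderKeyHash []byte   `json:"holder_key_hash,omitempty"` // 408: SHA-256 of the holder's public key
	Services      []string `json:"services,omitempty"`        // 410: service types the holder may use
}

// Ticket is what travels in the Authorization Request/Response Messages 508/510.
type Ticket struct {
	Body TicketBody `json:"body"`
	Sig  []byte     `json:"sig"` // 406: Ed25519 signature of the server over the JSON-encoded Body
}

// GenKeys returns an Ed25519 key pair for a server or a device.
func GenKeys() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// IssueTicket is the server's step after authenticating the device: bind the
// ticket to the device's public key (408) and sign the whole body (406).
func IssueTicket(serverPriv ed25519.PrivateKey, body TicketBody, devicePub ed25519.PublicKey) Ticket {
	h := sha256.Sum256(devicePub)
	body.HolderKeyHash = h[:]
	payload, _ := json.Marshal(body) // struct fields encode in declaration order: deterministic bytes
	return Ticket{Body: body, Sig: ed25519.Sign(serverPriv, payload)}
}

// ProveOwnership (messages 506): the presenter signs the verifier's nonce with the key bound in 408.
func ProveOwnership(devicePriv ed25519.PrivateKey, nonce []byte) []byte {
	return ed25519.Sign(devicePriv, nonce)
}

// VerifyTicket is the receiving device's check on a ticket from 508/510: server signature,
// validity window, identifier equal to the identity authenticated in 502-506, and proof of
// possession of the bound key, so that a ticket copied from another device is rejected.
func VerifyTicket(serverPub ed25519.PublicKey, t Ticket, now int64, authenticatedID string,
	peerPub ed25519.PublicKey, nonce, proof []byte) error {
	payload, _ := json.Marshal(t.Body) // same encoding the server signed
	if !ed25519.Verify(serverPub, payload, t.Sig) {
		return errors.New("server signature invalid: ticket forged or altered")
	}
	if now < t.Body.NotBefore || now > t.Body.NotAfter {
		return errors.New("ticket outside its validity period")
	}
	if t.Body.DeviceID != authenticatedID {
		return errors.New("ticket identifier does not match authenticated identity")
	}
	if h := sha256.Sum256(peerPub); !bytes.Equal(h[:], t.Body.HolderKeyHash) {
		return errors.New("ticket is not bound to the presenting device's key")
	}
	if !ed25519.Verify(peerPub, nonce, proof) {
		return errors.New("presenter did not prove possession of the bound key")
	}
	return nil
}

// AllowedServices is the link policy once both tickets verify: only service types
// listed in both tickets may be carried (the type "A"-only example above).
func AllowedServices(a, b Ticket) []string {
	var out []string
	for _, s := range a.Body.Services {
		for _, u := range b.Body.Services {
			if s == u {
				out = append(out, s)
				break
			}
		}
	}
	return out
}

func main() {
	serverPub, serverPriv := GenKeys()
	pub1, priv1 := GenKeys()
	pubN, privN := GenKeys()
	// Constructed sample tickets: Device-1 is entitled to voice only, Device-N to voice and video.
	t1 := IssueTicket(serverPriv, TicketBody{DeviceID: "ID-Device-1", NotBefore: 1000, NotAfter: 2000, Services: []string{"voice"}}, pub1)
	tN := IssueTicket(serverPriv, TicketBody{DeviceID: "ID-Device-N", NotBefore: 1000, NotAfter: 2000, Services: []string{"voice", "video"}}, pubN)
	nonce := []byte("constructed nonce; a real verifier draws a fresh random one per exchange")
	fmt.Println("N checks 1:", VerifyTicket(serverPub, t1, 1500, "ID-Device-1", pub1, nonce, ProveOwnership(priv1, nonce)))
	fmt.Println("1 checks N:", VerifyTicket(serverPub, tN, 1500, "ID-Device-N", pubN, nonce, ProveOwnership(privN, nonce)))
	fmt.Println("link carries:", AllowedServices(t1, tN)) // [voice]
}
```

An expired ticket, a ticket whose identifier differs from the authenticated identity, a ticket presented by a device other than its holder, or a body altered after signing all fail VerifyTicket, which is the behaviour the validity period 404 and the ownership proof are meant to give.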

With reference now to FIG. 6, illustrated is a system 600 for ticket-based spectrum authorization and access control in accordance with one or more aspects. System 600 can be configured to enable a spectrum licensee/owner to extract revenue from devices communicating utilizing the (radio frequency) spectrum in an ad-hoc or peer-to-peer manner, without the need for controlled infrastructure. System 600 can enable the use of the spectrum for data communication by authorized devices through the distribution of authorization tickets and the exchange and verification of these authorization tickets between the devices for enablement of a validated wireless link that carries user or control data communications. Included in system 600 is a wireless communications apparatus 602 that can be in communication with one or more devices 604 and one or more trusted parties 606, which can be a node.

Wireless communications apparatus 602 includes an authorization ticket requestor 608 that obtains an authorization ticket issued for wireless communications apparatus 602. The authorization ticket for the wireless communications apparatus 602 is issued by a trusted third party 606. In accordance with some aspects, the trusted parties 606 can be authorization server(s) that issue authorization tickets.

In accordance with some aspects, communication with the trusted parties 606 (or authorization server(s)) is conducted through an interface, which can be a cellular wireless interface, a wired interface such as a Digital Subscriber Line (DSL), cable, and so forth.

Also included in wireless communications apparatus 602 is an associated device authorization ticket acquirer 610 that is configured to request or receive an authorization ticket from an associated device(s) 604 (e.g., a device with which communication is to be established). The authorization ticket is issued to the one or more associated devices 604 from the trusted third party that issued the authorization ticket for wireless communications apparatus 602 or from another trusted party. The authorization ticket of the associated device(s) 604 can include a validity time or cryptographic signature of the trusted party that issued the ticket.

According to some aspects, the authorization ticket of wireless communications apparatus 602 and/or the authorization ticket(s) of the associated device(s) 604 are embodied as a traditional digital certificate (e.g., X.509 standard). For example, a traditional digital certificate can include extensions to indicate authorization for spectrum use and/or can convey other information pertaining to establishing validated communication links.

A verification module 612 is configured to establish a valid communication session between the wireless communications apparatus 602 and one or more associated devices 604. The verification module 612 can validate the authorization ticket for the associated device(s). According to some aspects, the validated communication session can be secured based on information contained in the authorization ticket of wireless communications apparatus 602 and the authorization ticket(s) of the associated device(s) 604. A secured communication session refers to a communication session that has encryption/decryption and integrity protection.

In accordance with some aspects, the authorization ticket issued for wireless communications apparatus 602 is transmitted to the associated device(s) 604 in order for the associated device(s) to verify the identity of wireless communications apparatus 602 and to establish a validated communication session. The link between wireless communications apparatus 602 and the one or more devices 604 is not enabled to carry data until the authorization ticket exchange has been successfully conducted and the link has been validated.

In accordance with some aspects, a cellular interface can be utilized to enable communication between wireless communications apparatus 602, the device(s) 604, and/or the trusted parties 606. Although the cellular interface can be mostly for communication with other device(s) 604, the interface can be utilized for communication with access points (or base stations). For example, a cellular interface can carry data wirelessly from wireless communications apparatus 602 to an access point and from there on to one or more trusted third parties 606. It should be noted, however, that the presence or involvement of access points is not necessary. Data can also be relayed through one or more other devices, one of which is eventually connected to the network where a trusted third party 606 resides.

According to some aspects, the communication between wireless communications apparatus 602 and one or more trusted third parties 606 is performed through a wireless interface. In accordance with this aspect, a direct point of communication may be another device or access point, which can in turn either relay the data to another entity that has a communication link with the trusted third party 606, or can send the data directly to the trusted third party 606. It should be noted that when implementing this aspect, communication through the interface using the licensed spectrum should not be enabled until after the authorization ticket is obtained (and verified). In one approach, the authorization protocol is run using this communications link in the absence of another available interface; therefore, a means to bootstrap the authorization for spectrum use should be provided. It is understood that, absent a valid authorization ticket, the communication through the interface is by configuration limited to only the protocol and data that pertain directly to the authorization process with the trusted party 606 (e.g., obtaining an authorization ticket).

In another approach, the authorization protocol is run by a "helper" device or access point on behalf of the wireless communications apparatus 602 seeking authorization. Thus, the wireless communications apparatus 602 only uses the interface to locate another access point or device and requests that device to run the needed authentication/authorization protocol with the trusted party 606 on behalf of the wireless communications apparatus 602. This process can involve relaying of data between the wireless communications apparatus 602 and the helper counterpart.

System 600 can include memory 614 operatively coupled to wireless communications apparatus 602. Memory 614 can be external to wireless communications apparatus 602 or can reside within wireless communications apparatus 602. Memory 614 can store information related to obtaining a first authorization ticket associated with wireless communications apparatus 602. The first authorization ticket can be issued by a trusted third party. Memory 614 can also store information related to receiving from a second device a second authorization ticket for the second device. The second authorization ticket can be issued by the trusted third party or another trusted party. Further, memory 614 can retain instructions related to establishing a validated communication session with the second device or with a multitude of devices.

A processor 616 can be operatively connected to wireless communications apparatus 602 (and/or memory 614) to facilitate analysis of information related to spectrum authorization and access control in a peer-to-peer or ad hoc communication network. Processor 616 can be a processor dedicated to analyzing and/or generating information received by wireless communications apparatus 602, a processor that controls one or more components of system 600, and/or a processor that both analyzes and generates information received by wireless communications apparatus 602 and controls one or more components of system 600.

Memory 614 can store protocols associated with spectrum authorization and access control between wireless communications apparatus 602, device(s) 604, and/or trusted parties 606, such that system 600 can employ stored protocols and/or algorithms to achieve improved communications in a wireless network as described herein. Memory 614 can further retain an authorization ticket associated with wireless communications apparatus 602 and/or one or more devices 604.

Memory 614 can further retain instructions related to obtaining a first authorization ticket for a first device issued by a trusted third party, receiving from a second device a second authorization ticket for the second device, where the second authorization ticket is issued by the trusted third party or another trusted party, and establishing a validated communication session with the second device. The processor 616 is configured to execute the instructions retained in the memory.

It should be appreciated that the data store (e.g., memories) components described herein can be either volatile memory or nonvolatile memory, or can include both volatile and nonvolatile memory. By way of example and not limitation, nonvolatile memory can include read only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable ROM (EEPROM), or flash memory. Volatile memory can include random access memory (RAM), which acts as external cache memory. By way of example and not limitation, RAM is available in many forms such as synchronous RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDR SDRAM), enhanced SDRAM (ESDRAM), Synchlink DRAM (SLDRAM), and direct Rambus RAM (DRRAM). Memory 614 of the disclosed aspects is intended to comprise, without being limited to, these and other suitable types of memory.

FIG. 7 illustrates a system 700 for spectrum authorization and access control. System 700 is similar to system 600 of FIG. 6 and includes a device 702 that communicates with other devices 704 and with one or more trusted parties, illustrated as wireless communications apparatus 706.

A trusted party 706 can include a receiver 708 that is configured to receive a request from a first device, such as device 702, for system access. Receiver 708 can also receive requests from one or more of the other devices 704 at substantially the same time as receiving a request from the first device 702, at a different time, or combinations thereof.

Based on the request, an authenticator 710 can be configured to obtain authentication of the first device 702 (or another device that transmitted the request). In accordance with some aspects, the first device authentication is obtained from an external source, such as from a network device over a secure communication link and/or from a home server. For example, the external source can be a server that has a business relationship with the first device (e.g., the user in possession of the device) and the server can verify the subscription (e.g., the services for which the user has subscribed).

Based in part on the authentication of the first device 702, an access authorizer 712 can determine the system access that can be authorized for the first device 702 (or another device 704). According to some aspects, access authorizer 712 can consult a configuration parameters database that contains a listing of a plurality of devices that are authorized to access the system to determine the access to which the first device is entitled. The configuration parameters database can also contain one or more configuration parameters (e.g., a set of configuration parameters) associated with each device. If the first device is included in the listing, the first device is authorized to access the system. However, if the first device is not included in the listing, the first device is not authorized to access the system. The configuration parameters database can be dynamically updated, such as when there is a change to the database and/or based on other criteria.

In accordance with some aspects, authenticator 710 and/or access authorizer 712 can review credentials associated with the first device 702 (or another device 704) to make respective determinations. The credentials can be at least one of shared secret keys, public keys, authorization information, a list of services, billing information, or combinations thereof.

Authorization ticket generator 714 can create an authorization ticket for the first device 702 (and/or the other devices 704) based on the authorized system access as determined by access authorizer 712. A part of the authorization ticket creation can include the generation of a cryptographic signature on which the validity of the authorization ticket relies. The authorization ticket can include an identity of the first device, a validity range during which the authorization ticket is valid, a cryptographic signature, and/or other parameters.

System 700 can include a memory 716 operatively connected to (or included within) wireless communications apparatus 706. Memory 716 can store instructions related to receiving a request from at least a first device for system access, performing authentication of the at least a first device, determining system access that can be authorized for the first device, and generating an authorization ticket for the at least a first device based in part on the authorized system access. A processor 718 can be coupled to the memory 716 and can be configured to execute the instructions retained in the memory 716.

With reference now to FIG. 8, illustrated is a system 800 for validation of ticket-based configuration parameters. System 800 can be configured to enable authorized devices to communicate over a licensed spectrum through the utilization of authorization tickets. A device that desires to communicate with another device can verify that link configuration parameters claimed by the other device have been authorized by a mutually trusted third party.

Included in system 800 is a wireless communications apparatus 802 that can be, for example, a trusted third party, such as an authorization server. Wireless communications apparatus 802 is configured to communicate with one or more devices, labeled Device_1 804 through Device_P 806, where P is an integer.

Included in wireless communications apparatus 802 is a device identifier 808 that can selectively recognize each device 804, 806 based, in part, on a request for system access. For example, each device 804, 806 can be identified by a unique identifier, such as a hardware address. Further, device identifier 808 can include other authentication and/or authorization information associated with each device 804, 806. For example, credentials such as shared secret keys, public keys, authorization information, a list of services each device is entitled to, associated billing/charging information, and so forth can be retained by (or accessible by) device identifier 808.

In accordance with some aspects, device identifier 808 includes a configuration parameters database that can contain a database of devices that are authorized for using the spectrum. The database can also contain configuration information and/or assigned parameters for each device. In accordance with some aspects, a subset of the parameters can be generated at the time a request for authorization is received from a device. Other parameters, such as IP addresses, can be assigned from a pool of available addresses and/or obtained from another server. In accordance with some aspects, configuration information can be stored as dictated by service agreements and the like.

If the device identifier 808 does not have (or cannot obtain) all the necessary information for one or more devices 804, 806, the information can be obtained from another server or network device that holds, or has access to, the needed information in its entirety or in part. Obtaining the information from another server or network device can be conducted in a secure manner. In this situation, wireless communications apparatus 802 can utilize a communication interface to communicate with another server that holds authentication/authorization information for all or some devices 804, 806. In accordance with some aspects, information associated with some or all devices 804, 806 can reside at multiple network nodes.

The purpose of consulting a database is to check the identity of the device seeking authorization and to determine the services the device is entitled to according to a user service agreement or the like. Consulting the database is a portion of the process that wireless communications apparatus 802 conducts for each device 804, 806 seeking system access.

An authorization ticket distributor 810 selectively distributes authorization tickets to devices 804, 806. The distribution of authorization tickets can be a result of validating a device's credentials and the services the device is entitled to have access to and to utilize. Further, the authorization tickets are exchanged between devices and verified as a condition to bringing up or enabling a wireless link using the spectrum to carry user or control data communication. In such a manner, only authorized devices are enabled to use the spectrum for data communication in accordance with the aspects presented herein. According to some aspects, the authorization ticket is implemented as a traditional digital certificate, such as an X.509 certificate, that can include an IP address.

Further, a memory 812 can be operatively coupled to wireless communications apparatus 802. Memory 812 can be external to wireless communications apparatus 802 or can reside within wireless communications apparatus 802. Memory 812 can store information related to associating a device with one or more validated information elements and transmitting an authorization ticket, certified by a trusted party, to the device. The ticket can include a subset of the one or more validated information elements.

Retaining the authentication ticket in memory can mitigate the need to obtain the authentication ticket when a validated communication session is to be established. Thus, if the authentication server and/or source of the authentication ticket is not available (e.g., limited connectivity), the authentication ticket retained in memory can be utilized. In accordance with some aspects, an updated authentication ticket is obtained when connectivity is restored.

Information elements can be expressions, addresses, a phone number, and/or other information that is to be presented to a user (e.g., visual information, audible information, and so forth). In accordance with some aspects, information elements can be configuration parameters and/or an IP address. Additionally or alternatively, information elements can be identifiers that are being broadcast and/or advertised. Further, information elements can be a name, an identity, a location, user information (e.g., an emotion the user wants to express), a trademark, and any other data.

In accordance with some aspects, only a subset of available information elements is included in an authentication ticket. For example, if there are hundreds or thousands of information elements that can be included in an authentication ticket, only a subset of those information elements might be included in the authentication ticket. The determination of which information elements to include can be a function of the source of the information elements (and authentication ticket) and/or the destination of the information elements (and authentication ticket).

The information elements can be validated in order to provide some reliability to the information elements. Validated information elements can mitigate the need to independently validate the information elements (e.g., no need to access another device, another database, or any other source) since the information elements are pre-validated by the server.

A processor 814 can be operatively connected to wireless communications apparatus 802 (and/or memory 812) to facilitate analysis of information related to spectrum authorization and access control in an ad-hoc communication network. Processor 814 can be a processor dedicated to analyzing and/or generating information received by wireless communications apparatus 802, a processor that controls one or more components of system 800, and/or a processor that both analyzes and generates information received by wireless communications apparatus 802 and controls one or more components of system 800.

Memory 812 can store protocols associated with spectrum authorization and access control between wireless communications apparatus 802, device(s) 804, 806, and/or other trusted parties, such that system 800 can employ stored protocols and/or algorithms to achieve improved communications in a wireless network as described herein. In accordance with some aspects, memory 812 retains instructions related to associating a device with one or more validated information elements and transmitting an authorization ticket, certified by wireless communications apparatus 802, to the device.

FIG. 9 illustrates another system 900 for validation of ticket-basedconfiguration parameters. System 900 is similar to the system of theabove figure and includes an authentication server 902, a first device904, and one or more other devices 906.

Device 904 can include a ticket acquirer 908 that obtains anauthorization ticket. The authorization ticket can include one or morevalidated information elements associated with another device (e.g., adevice with which a validated communication session is to beestablished), this device will be referred to herein as second device904. At least one of the validated information elements is an InternetProtocol address. In accordance with some aspects, the authorizationticket includes an identifier of the second device 904, a validityrange, and a signature of a trusted party that issued the authorizationticket to the second device 904. Also included in device 904 is avalidation module 910 that validates the authorization ticket.

A communication establisher 912 utilizes the authorization ticket to establish a validated communication with the second device 906. The validated communication can be broadcast or multicast. In accordance with some aspects, the validated communication is with the second device 906 in a peer-to-peer or ad-hoc configuration. Additionally, the communication with the second device 906 can be over a secure communication link.

Device 904 also includes an operation execution module 914 that uses a subset of the one or more validated information elements to perform a configuration operation. The configuration operation can include configuring an interface and/or adding a route.

A memory 916 is operatively connected to device 904 and is configured to retain instructions related to obtaining an authorization ticket that includes one or more validated information elements associated with a second device. The memory also retains instructions related to validating the authorization ticket, utilizing the authorization ticket to establish a validated (and possibly secure) communication with the second device, and using a subset of the one or more validated information elements to perform a configuration operation. A processor 918 is coupled to the memory 916 and is configured to execute the instructions retained in the memory 916.

In view of the exemplary systems shown and described, methodologies that may be implemented in accordance with the disclosed subject matter will be better appreciated with reference to the flow charts provided herein. While, for purposes of simplicity of explanation, the methodologies may be shown and described as a series of blocks, it is to be understood and appreciated that the claimed subject matter is not limited by the number or order of blocks, as some blocks may occur in different orders and/or at substantially the same time with other blocks from what is depicted and described herein. Moreover, not all illustrated blocks may be required to implement the methodologies described herein. It is to be appreciated that the functionality associated with the blocks may be implemented by software, hardware, a combination thereof or any other suitable means (e.g., device, system, process, component). Additionally, it should be further appreciated that the methodologies disclosed throughout this specification are capable of being stored on an article of manufacture to facilitate transporting and transferring such methodologies to various devices. Those skilled in the art will understand and appreciate that a methodology could alternatively be represented as a series of interrelated states or events, such as in a state diagram.

FIG. 10 illustrates a method 1000 for spectrum authorization and access control. Method 1000 can enable utilization of a spectrum by authorized devices operating in an ad-hoc or peer-to-peer fashion, without the need for a controlled infrastructure.

Method 1000 starts, at 1002, when a first authorization ticket is obtained from a trusted third party. The trusted third party can be, for example, an authorization server. The first authorization ticket can include an identifier of the first device and a signature of the trusted third party. In accordance with some aspects, the first authorization ticket is transmitted to a second device.

A second authorization ticket is received from an associated device, at 1004. The second authorization ticket can be issued by the trusted third party that issued the first authorization ticket, or the second authorization ticket can be issued by another trusted party. The second authorization ticket can include a validity time or a cryptographic signature of the trusted party that issued the second authorization ticket (e.g., the trusted third party or the other trusted party). In accordance with some aspects, the first authorization ticket comprises services allowed to be accessed by the first device and the second authorization ticket comprises services allowed to be accessed by the second device.

A validated communication session with the associated device is established, at 1006. The validated communication session can be configured to carry data of a type and manner specified in the lists of allowed services included in the first authorization ticket and the second authorization ticket.

In accordance with some aspects, establishing the validated communication session can include validating the second authorization ticket. A failure to validate the second authorization ticket for the second device can result in tearing down the communication link between the first device and the second device. Validating the second authorization ticket can include verifying a validity time and a cryptographic signature. In accordance with some aspects, validating the second authorization ticket includes validating an identity of the second device as identified in the second authorization ticket. Additionally or alternatively, validating the second authorization ticket includes verifying possession of a private key associated with an identity and a public key included in a digital certificate, and/or verifying a shared key derived through a mutual authentication process that occurred some time in the past between the devices. The signature and validity checks show only that the ticket is genuine; the possession or shared-key check is what ties the ticket to the device actually on the link, so that a ticket captured from one device cannot be presented by another.

Method 1000 can also include securing the validated communication session based on information contained in the first authorization ticket and the second authorization ticket. Securing the validated communication session includes encryption/decryption and integrity protection.

In accordance with some aspects, the first authorization ticket and/or the second authorization ticket are embodied as a traditional digital certificate. For example, the traditional digital certificate can be an X.509 certificate with new extensions that indicate authorization for spectrum use and convey information pertaining to setting up validated communication links. In another example, the traditional digital certificate can be an X.509 certificate that includes a new extension that contains an IP address.

With reference now to FIG. 11, illustrated is a method 1100 for spectrum authorization and access control. At 1102, a request for system access (e.g., access to a licensed spectrum) is received from at least a first device. In accordance with some aspects, multiple requests from a number of devices are received at substantially the same time, at different times, or combinations thereof.

At 1104, authentication of the first device is obtained from an internal source, from an external source, or combinations thereof. If obtained externally, the authentication can be obtained from a network node over a secure communication link. In accordance with some aspects, the authentication is obtained externally from another server.

System access that can be authorized for the first device is determined, at 1106. In accordance with some aspects, determining system access includes consulting a configuration parameters database that contains a listing of a plurality of devices that are authorized to access the system.

The authentication of the first device, at 1104, and/or the authorized system access, at 1106, can be determined by credentials associated with the first device. The credentials can be one or more of shared secret keys, public keys, authorization information, a list of services, billing information, or combinations thereof.

At 1108, an authorization ticket for at least the first device is created based on the authorized system access to which the first device is entitled. The authorization ticket can include an identity of the first device, a validity range during which the authorization ticket is valid, and/or a cryptographic signature of the party that issued the authorization ticket.
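The issuing step of method 1100 (1108) and the exchange of method 1000 (1004 and 1006), carried through as one added example in Go using only the standard library. This is not code from the patent; the Ticket layout, the JSON to-be-signed encoding, the Ed25519 issuer signature, the function names and the sample device identifiers and service lists are all assumptions made here. It shows the checks a receiving device performs on a peer's ticket (issuer signature, validity range, claimed identity), the proof-of-possession over a fresh nonce that binds the ticket to the device on the link, and the intersection of the two service lists that the validated session is allowed to carry. A non-nil error from Accept is the tear-down case described above.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
)

// Ticket is a hypothetical wire form for the authorization ticket in the text:
// identity, the device's public key, validity range, permitted services, signature.
type Ticket struct {
	DeviceID  string
	PubKey    ed25519.PublicKey
	NotBefore int64 // Unix seconds
	NotAfter  int64
	Services  []string
	Signature []byte
}

// tbs is the to-be-signed encoding: every field except the signature itself.
func (t *Ticket) tbs() []byte {
	u := *t
	u.Signature = nil
	b, _ := json.Marshal(u) // struct field order is fixed, so this is deterministic
	return b
}

// Issue is the authorization server's step (1108): bind identity, key,
// validity range and the services the access decision allowed under its signature.
func Issue(issuer ed25519.PrivateKey, id string, pub ed25519.PublicKey,
	notBefore, notAfter int64, services []string) *Ticket {
	t := &Ticket{DeviceID: id, PubKey: pub, NotBefore: notBefore,
		NotAfter: notAfter, Services: services}
	t.Signature = ed25519.Sign(issuer, t.tbs())
	return t
}

// Validate is the receiving device's check on a peer's ticket (1004): issuer
// signature, validity range, and that the identity claimed on the link is the one named.
func Validate(issuerPub ed25519.PublicKey, t *Ticket, claimedID string, now int64) error {
	if !ed25519.Verify(issuerPub, t.tbs(), t.Signature) {
		return errors.New("issuer signature does not verify")
	}
	if now < t.NotBefore || now > t.NotAfter {
		return errors.New("ticket outside its validity range")
	}
	if t.DeviceID != claimedID {
		return errors.New("claimed identity does not match ticket")
	}
	return nil
}

// CheckPossession: a valid ticket only says which public key belongs to the identity.
// The peer must sign a fresh nonce with the matching private key, otherwise a
// captured ticket could be replayed by anyone on the link.
func CheckPossession(t *Ticket, nonce, proof []byte) bool {
	return len(t.PubKey) == ed25519.PublicKeySize && len(nonce) >= 16 &&
		ed25519.Verify(t.PubKey, nonce, proof)
}

// AllowedServices is what the validated session may carry (1006): a service
// must appear in both devices' tickets.
func AllowedServices(mine, peer *Ticket) []string {
	permitted := map[string]bool{}
	for _, s := range mine.Services {
		permitted[s] = true
	}
	var out []string
	for _, s := range peer.Services {
		if permitted[s] {
			out = append(out, s)
		}
	}
	return out
}

// Accept runs the validating side of the exchange. A non-nil error means the
// non-validated link used to swap tickets is torn down.
func Accept(issuerPub ed25519.PublicKey, mine, peer *Ticket, claimedID string,
	nonce, proof []byte, now int64) ([]string, error) {
	if err := Validate(issuerPub, peer, claimedID, now); err != nil {
		return nil, err
	}
	if !CheckPossession(peer, nonce, proof) {
		return nil, errors.New("peer cannot prove possession of the ticket's key")
	}
	return AllowedServices(mine, peer), nil
}

func main() {
	// Constructed sample: one issuer, two devices with overlapping service lists.
	issuerPub, issuerPriv, _ := ed25519.GenerateKey(rand.Reader)
	aPub, aPriv, _ := ed25519.GenerateKey(rand.Reader)
	bPub, _, _ := ed25519.GenerateKey(rand.Reader)
	tA := Issue(issuerPriv, "dev-a", aPub, 1000, 2000, []string{"voice", "data", "video"})
	tB := Issue(issuerPriv, "dev-b", bPub, 1000, 2000, []string{"data", "video"})
	nonce := make([]byte, 32)
	rand.Read(nonce)
	fmt.Println(Accept(issuerPub, tB, tA, "dev-a", nonce, ed25519.Sign(aPriv, nonce), 1500)) // [data video] <nil>
}
```

The nonce must be generated by the verifying side and never reused, since the possession proof is only as fresh as the nonce it covers. Each device runs Accept against the other's ticket, so the service set each side enforces is the same intersection.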

FIG. 12 illustrates a method 1200 for validating ticket-based configuration parameters. Method 1200 starts, at 1202, when a device is associated with one or more validated information elements. The information elements can include an Internet Protocol address assigned to the device, a telephone number assigned to the device, and/or other information.

In accordance with some aspects, prior to associating the device with the one or more information elements, an authorization protocol is employed to communicate with the device. Based in part on the communication with the device, a determination is made whether to construct an authorization ticket for the device and which information elements should be included in the authorization ticket.

According to some aspects, a database of authorized devices and associated parameters, identified by a unique device identifier, is consulted to determine whether to associate the device with the information element(s). The database can contain information relating to a configuration each device can use when communicating using a licensed spectrum.

At 1204, an authorization ticket is transmitted to the device. The authorization ticket is certified by a trusted party and includes a subset of the one or more validated information elements. The device uses the authorization ticket to establish a communication link with another device. In accordance with some aspects, the authorization ticket includes an identifier of the device, a validity range, and a signature of the trusted party.

In accordance with some aspects, the authorization ticket is implemented as a traditional digital certificate. For example, the traditional digital certificate can be an X.509 certificate with new extensions that indicate authorization for spectrum use and convey information pertaining to setting up validated communication links. In another example, the traditional digital certificate can be an X.509 certificate that includes a new extension that contains an IP address.

FIG. 13 illustrates a method 1300 for validation of ticket-based configuration parameters. At 1302, an authorization ticket for a device (with which a validated communication session is to be established) is obtained. The authorization ticket can include one or more validated information elements associated with the device. In accordance with some aspects, the authorization ticket includes an identifier of the device, a validity range, and a signature of a trusted party that issued the authorization ticket. At least one of the validated information elements is an Internet Protocol address. The authorization ticket is validated, at 1304.

The authorization ticket is utilized, at 1306, to establish a validated (and possibly secure) communication with the device. The communication can be broadcast or multicast. In accordance with some aspects, the validated communication with the device is in a peer-to-peer configuration.

At 1308, a subset of the one or more validated information elements is used to perform a configuration operation. In accordance with some aspects, the configuration operation comprises configuring an interface. According to some aspects, the configuration operation comprises adding a route. Because the configuration operation acts on whatever address the ticket carries, it follows the validation at 1304; an interface or route configured from an element whose ticket has not been validated would let an unauthorized peer steer the device's traffic.
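The X.509 form of the ticket described for method 1200, and the validation and extraction steps of method 1300 (and of ticket acquirer 908, validation module 910 and operation execution module 914 in FIG. 9), as one added example in Go using only the standard library. This is not code from the patent: the private-arc OID, the OCTET STRING encoding of the address, the certificate fields, the function names and the sample identity and address are assumptions made here. The trusted party issues a device certificate that carries the already-validated IP address in a custom extension; the peer verifies the chain and validity range first and only then returns the address for the interface or route configuration of 1308.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"errors"
	"fmt"
	"math/big"
	"net"
	"time"
)

// Private-arc OID for the validated-IP extension (an assumption; the text names no OID).
var oidValidatedIP = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 99999, 1}

// NewTrustedParty builds the self-signed CA certificate of the ticket issuer.
func NewTrustedParty(name string, now time.Time) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             now,
		NotAfter:              now.Add(365 * 24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// IssueDeviceCert is the trusted party's step (1204): the already-validated IP goes
// into the custom extension (and the SAN list), bound to identity and key by the signature.
func IssueDeviceCert(ca *x509.Certificate, caKey *ecdsa.PrivateKey, deviceID string,
	devPub *ecdsa.PublicKey, ip net.IP, now time.Time, ttl time.Duration) ([]byte, error) {
	val, err := asn1.Marshal(ip.To16()) // DER OCTET STRING, always 16 bytes
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:    big.NewInt(2),
		Subject:         pkix.Name{CommonName: deviceID},
		NotBefore:       now,
		NotAfter:        now.Add(ttl),
		KeyUsage:        x509.KeyUsageDigitalSignature,
		IPAddresses:     []net.IP{ip},
		ExtraExtensions: []pkix.Extension{{Id: oidValidatedIP, Value: val}},
	}
	return x509.CreateCertificate(rand.Reader, tmpl, ca, devPub, caKey)
}

// ValidatedIP is the peer's step (1304, then 1308): verify that the certificate chains
// to the trusted party and is inside its validity range, then extract the IP.
func ValidatedIP(der []byte, ca *x509.Certificate, now time.Time) (string, net.IP, error) {
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return "", nil, err
	}
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	opts := x509.VerifyOptions{Roots: roots, CurrentTime: now,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := cert.Verify(opts); err != nil {
		return "", nil, err
	}
	for _, e := range cert.Extensions {
		if !e.Id.Equal(oidValidatedIP) {
			continue
		}
		var raw []byte
		rest, err := asn1.Unmarshal(e.Value, &raw)
		if err != nil || len(rest) != 0 || len(raw) != net.IPv6len {
			return "", nil, errors.New("malformed validated-IP extension")
		}
		return cert.Subject.CommonName, net.IP(raw), nil
	}
	return "", nil, errors.New("certificate carries no validated-IP extension")
}

func main() {
	now := time.Now()
	ca, caKey, _ := NewTrustedParty("spectrum-authz", now)
	devKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	der, _ := IssueDeviceCert(ca, caKey, "dev-a", &devKey.PublicKey, net.ParseIP("10.0.0.5"), now, time.Hour)
	id, ip, err := ValidatedIP(der, ca, now.Add(time.Minute))
	fmt.Println(id, ip, err) // dev-a 10.0.0.5 <nil>
}
```

The extension is marked non-critical so that software unaware of it still accepts the certificate for ordinary use; the address it carries is trusted only because the chain verifies against the issuer the device already trusts, which is the point made below about the issuer validating the elements separately. The returned net.IP is what a device would hand to its interface or routing configuration.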

With reference now to FIG. 14, illustrated is a system 1400 that facilitates ticket-based authorization and validation in accordance with the disclosed aspects. System 1400 can reside in a user device. System 1400 comprises a receiver 1402 that can receive a signal from, for example, a receiver antenna. The receiver 1402 can perform typical actions thereon, such as filtering, amplifying, downconverting, etc., the received signal. The receiver 1402 can also digitize the conditioned signal to obtain samples. A demodulator 1404 can obtain received symbols for each symbol period, as well as provide received symbols to a processor 1406.

Processor 1406 can be a processor dedicated to analyzing information received by receiver component 1402 and/or generating information for transmission by a transmitter 1408. In addition or alternatively, processor 1406 can control one or more components of user device 1400, analyze information received by receiver 1402, generate information for transmission by transmitter 1408, and/or control one or more components of user device 1400. Processor 1406 may include a controller component capable of coordinating communications with additional user devices. User device 1400 can additionally comprise memory 1408 operatively coupled to processor 1406 that can store information related to coordinating communications and any other suitable information.

FIG. 15 illustrates an example system 1500 that facilitates spectrum authorization and access control in an ad hoc (peer-to-peer) environment. System 1500 includes a logical grouping 1502 of electrical components that can act separately or in conjunction. Logical grouping 1502 includes an electrical component 1504 for obtaining a first authorization ticket for a first device. The first authorization ticket can be issued by a trusted third party. In accordance with some aspects, the trusted third party is an authorization server.

Also included in logical grouping 1502 is an electrical component 1506 for conveying the first authorization ticket to a second device. The first authorization ticket includes an identifier of the first device and a signature of the trusted third party. An electrical component 1508 for receiving from the second device a second authorization ticket for the second device is also included.

Logical grouping 1502 also includes an electrical component 1510 for validating the second authorization ticket for the second device. The second authorization ticket can include a validity time or a cryptographic signature of the issuer of the second authorization ticket (e.g., the trusted third party or another trusted party). Validating the second authorization ticket includes verifying both the validity time and the cryptographic signature. In accordance with some aspects, validating the second authorization ticket includes validating an identity of the second device as identified in the second authorization ticket, verifying possession of a private key associated with an identity and a public key included in a digital certificate, verifying a shared key derived through a mutual authentication process, or combinations thereof.

In accordance with some aspects, if there is a failure while validating the second authorization ticket for the second device, a communication link that was established between the first device and the second device is torn down. The communication link that is torn down is the non-validated link that the devices utilized to exchange authorization tickets and/or other information in order for a validated communication to be established.

An electrical component 1512 for establishing a validated communication session with the second device is also included in logical grouping 1502. The validated communication session can be configured to carry data of a type and manner specified in a list of allowed services included in the first authorization ticket, the second authorization ticket, or both tickets. In accordance with some aspects, the first authorization ticket includes services allowed to be accessed by the first device and the second authorization ticket comprises services allowed to be accessed by the second device.

Additionally, system 1500 can include a memory 1514 that retains instructions for executing functions associated with electrical components 1504, 1506, 1508, 1510, and 1512 or other components. While shown as being external to memory 1514, it is to be understood that one or more of electrical components 1504, 1506, 1508, 1510, and 1512 may exist within memory 1514.

FIG. 16 illustrates an example system 1600 that provides spectrum authorization. Included in system 1600 is a logical grouping 1602 of electrical components that can act separately or in conjunction. Logical grouping 1602 includes an electrical component 1604 for receiving a request from at least a first device for access to a spectrum.

Also included in logical grouping 1602 is an electrical component 1606 for performing authentication of the at least a first device. The authentication can be performed using an internal source or an external source. In accordance with some aspects, the first device authentication is performed with the assistance of an external network device over a secure communication link.

An electrical component 1608 for determining system access that can be provided to the at least a first device is also included. In accordance with some aspects, electrical component 1608 determines system access by consulting a configuration parameters database that contains a listing of a plurality of devices that are authorized to access the system.

According to various aspects, electrical component 1606 can perform authentication and/or electrical component 1608 can determine spectrum access by reviewing credentials associated with the first device. The credentials can include one or more shared secret keys, public keys, authorization information, a list of services, billing information, or combinations thereof.

Logical grouping 1602 further includes an electrical component 1610 for generating an authorization ticket for the at least a first device based in part on the spectrum access that can be provided to the at least a first device. The authorization ticket can include an identity of the first device, a validity range during which the authorization ticket is valid, and/or a cryptographic signature.

In accordance with some aspects, logical grouping 1602 includes an electrical component (not shown) for transmitting the authorization ticket to the first device. In accordance with some aspects, multiple authorization tickets can be generated based on receipt of a multitude of requests. Each authorization ticket can be unique for each device and transmitted to each device individually.

System 1600 can also include a memory 1612 that retains instructions for executing functions associated with electrical components 1604, 1606, 1608, and 1610, or other components. While shown as being external to memory 1612, one or more of electrical components 1604, 1606, 1608, and 1610 can exist within memory 1612.

FIG. 17 illustrates an example system 1700 that validates ticket-based configuration parameters in a communication environment. The communication environment can be in a peer-to-peer configuration or an ad-hoc configuration. Included in system 1700 is a logical grouping 1702 of electrical components that can act separately or in conjunction. Included in logical grouping 1702 is an electrical component 1704 for associating a device with one or more validated information elements. In accordance with some aspects, the information elements can be an Internet Protocol address assigned to the device and/or a telephone number assigned to the device.

Logical grouping 1702 also includes an electrical component 1706 for transmitting an authorization ticket certified by a trusted party to the device. The authorization ticket can include a cryptographic signature of the trusted party as well as other information (e.g., device identifier, services to which the device can gain access, and so forth).

It should be noted that the process of validating the information elements is separate and distinct from the validation of authorization tickets. The trusted third party can obtain pre-validated information elements from another party or can validate the information elements itself through some other, separate process. A device that validates a ticket therefore relies on the trusted party's earlier validation of the elements: the signature attests that the trusted party vouches for them, not that the receiving device has checked them itself.

In accordance with some aspects, logical grouping 1702 includes an electrical component (not shown) for employing an authentication protocol or authorization protocol to communicate with the device. Also included can be an electrical component (not shown) for determining whether to construct an authorization ticket and which information elements to include in the authorization ticket. The determination can be made based in part on the communication with the device.

According to some aspects, logical grouping 1702 includes an electrical component (not shown) for consulting a database of authorized devices and associated parameters identified by a unique device identifier. The database can contain information related to a configuration each device can utilize when communicating using the licensed spectrum.

A memory 1708 that retains instructions for executing functions associated with electrical components 1704 and 1706 or other components is also included in system 1700. Although an external memory 1708 is illustrated, in accordance with some aspects, one or more of electrical components 1704 and 1706 may exist within memory 1708.

With reference to FIG. 18, illustrated is an example system 1800 that validates ticket-based configuration parameters. System 1800 includes a logical grouping 1802 that includes an electrical component 1804 for acquiring an authorization ticket that includes one or more validated information elements associated with another device. In accordance with some aspects, at least one of the validated information elements is an Internet Protocol address.

Also included in logical grouping 1802 is an electrical component 1806 for validating the authorization ticket. The authorization ticket can include an identifier of the other device, a validity range, and a signature of a trusted party that issued the authorization ticket.

Logical grouping 1802 also includes an electrical component 1808 for establishing a validated communication with the other device based in part on the authorization ticket. The validated communication can be broadcast or multicast. The validated communication with the other device can be in a peer-to-peer configuration and/or an ad-hoc configuration.

An electrical component 1810 for performing a configuration operation with a subset of the one or more validated information elements is also included. The configuration operation can include configuring an interface and/or adding a route.

Additionally, system 1800 can include a memory 1812 that retains instructions for executing functions associated with electrical components 1804, 1806, 1808, and 1810 or other components. While shown as being external to memory 1812, it is to be understood that one or more of electrical components 1804, 1806, 1808, and 1810 can exist within memory 1812.

It is to be appreciated that the systems 1500, 1600, 1700, and 1800 of FIGS. 15, 16, 17, and 18, described above, are represented as including functional blocks, which may be functional blocks that represent functions implemented by a processor, software, or combination thereof (e.g., firmware).

It is to be understood that the aspects described herein may be implemented by hardware, software, firmware or any combination thereof. When implemented in software, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium. Computer-readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one place to another. A storage media may be any available media that can be accessed by a general purpose or special purpose computer. By way of example, and not limitation, such computer-readable media can comprise RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to carry or store desired program code means in the form of instructions or data structures and that can be accessed by a general-purpose or special-purpose computer, or a general-purpose or special-purpose processor. Also, any connection is properly termed a computer-readable medium. For example, if the software is transmitted from a website, server, or other remote source using a coaxial cable, fiber optic cable, twisted pair, digital subscriber line (DSL), or wireless technologies such as infrared, radio, and microwave, then the coaxial cable, fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, radio, and microwave are included in the definition of medium. Disk and disc, as used herein, includes compact disc (CD), laser disc, optical disc, digital versatile disc (DVD), floppy disk and Blu-ray disc, where disks usually reproduce data magnetically, while discs reproduce data optically with lasers. Combinations of the above should also be included within the scope of computer-readable media.

The various illustrative logics, logical blocks, modules, and circuits described in connection with the aspects disclosed herein may be implemented or performed with a general purpose processor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), a field programmable gate array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or any combination thereof designed to perform the functions described herein. A general-purpose processor may be a microprocessor, but, in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine. A processor may also be implemented as a combination of computing devices, e.g., a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other such configuration. Additionally, at least one processor may comprise one or more modules operable to perform one or more of the steps and/or actions described above.

For a software implementation, the techniques described herein may be implemented with modules (e.g., procedures, functions, and so on) that perform the functions described herein. The software codes may be stored in memory units and executed by processors. The memory unit may be implemented within the processor or external to the processor, in which case it can be communicatively coupled to the processor through various means as is known in the art. Further, at least one processor may include one or more modules operable to perform the functions described herein.

The techniques described herein may be used for various wireless communication systems such as CDMA, TDMA, FDMA, OFDMA, SC-FDMA and other systems. The terms “system” and “network” are often used interchangeably. A CDMA system may implement a radio technology such as Universal Terrestrial Radio Access (UTRA), CDMA2000, etc. UTRA includes Wideband-CDMA (W-CDMA) and other variants of CDMA. Further, CDMA2000 covers IS-2000, IS-95 and IS-856 standards. A TDMA system may implement a radio technology such as Global System for Mobile Communications (GSM). An OFDMA system may implement a radio technology such as Evolved UTRA (E-UTRA), Ultra Mobile Broadband (UMB), IEEE 802.11 (Wi-Fi), IEEE 802.16 (WiMAX), IEEE 802.20, Flash-OFDM®, etc. UTRA and E-UTRA are part of Universal Mobile Telecommunication System (UMTS). 3GPP Long Term Evolution (LTE) is a release of UMTS that uses E-UTRA, which employs OFDMA on the downlink and SC-FDMA on the uplink. UTRA, E-UTRA, UMTS, LTE and GSM are described in documents from an organization named “3rd Generation Partnership Project” (3GPP). Additionally, CDMA2000 and UMB are described in documents from an organization named “3rd Generation Partnership Project 2” (3GPP2). Further, such wireless communication systems may additionally include peer-to-peer (e.g., mobile-to-mobile) ad hoc network systems often using unpaired unlicensed spectrums, 802.xx wireless LAN, BLUETOOTH and any other short- or long-range wireless communication techniques.

Moreover, various aspects or features described herein may be implemented as a method, apparatus, or article of manufacture using standard programming and/or engineering techniques. The term “article of manufacture” as used herein is intended to encompass a computer program accessible from any computer-readable device, carrier, or media. For example, computer-readable media can include but are not limited to magnetic storage devices (e.g., hard disk, floppy disk, magnetic strips, etc.), optical disks (e.g., compact disk (CD), digital versatile disk (DVD), etc.), smart cards, and flash memory devices (e.g., EPROM, card, stick, key drive, etc.). Additionally, various storage media described herein can represent one or more devices and/or other machine-readable media for storing information. The term “machine-readable medium” can include, without being limited to, wireless channels and various other media capable of storing, containing, and/or carrying instruction(s) and/or data. Additionally, a computer program product may include a computer readable medium having one or more instructions or codes operable to cause a computer to perform the functions described herein.

Further, the steps and/or actions of a method or algorithm described in connection with the aspects disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, a hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art. An exemplary storage medium may be coupled to the processor, such that the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium may be integral to the processor. Further, in some aspects, the processor and the storage medium may reside in an ASIC. Additionally, the ASIC may reside in a user device. In the alternative, the processor and the storage medium may reside as discrete components in a user device. Additionally, in some aspects, the steps and/or actions of a method or algorithm may reside as one or any combination or set of codes and/or instructions on a machine-readable medium and/or computer readable medium, which may be incorporated into a computer program product.

While the foregoing disclosure discusses illustrative aspects, it should be noted that various changes and modifications could be made herein without departing from the scope of the described aspects as defined by the appended claims. Accordingly, the described aspects are intended to embrace all such alterations, modifications and variations that fall within the scope of the appended claims. Furthermore, although elements of the described aspects may be described or claimed in the singular, the plural is contemplated unless limitation to the singular is explicitly stated. Additionally, all or a portion of any aspect may be utilized with all or a portion of any other aspect, unless stated otherwise.

To the extent that the term “includes” is used in either the detailed description or the claims, such term is intended to be inclusive in a manner similar to the term “comprising” as “comprising” is interpreted when employed as a transitional word in a claim. Furthermore, the term “or” as used in either the detailed description or the claims is meant to be a “non-exclusive or”.

What is claimed is:
 1. A method for spectrum authorization and access control by a spectrum provider authorization server, comprising: receiving, by the spectrum provider authorization server, a request from a first wireless device for system access; authenticating the first device; determining system access that can be authorized for the first device; creating an authorization ticket for the first device based on the system access determined for the first device, the authorization ticket including a first licensed radio frequency spectrum use authorization information indicating that the first device is allowed to use a licensed radio frequency spectrum for data communication; creating a second authorization ticket for a second wireless device, based on authorized system access permitted to the second device, the second authorization ticket including a second licensed radio frequency spectrum use authorization information indicating that the second device is allowed to use the licensed radio frequency spectrum for data communication; sending the first licensed radio frequency spectrum use authorization information to the second device from the first device; authenticating use of the licensed radio frequency spectrum by the first device; establishing a validated communication session between the first device and the second device using the first licensed radio frequency spectrum use authorization information; and permitting use by the first device of only the services allowed on the licensed radio frequency spectrum based on the first licensed radio frequency spectrum use authorization information.
2. The method of claim 1, wherein the authorization ticket for the first device includes an IP address.
3. The method of claim 1, wherein determining system access comprises consulting a configuration parameters database that contains a listing of a plurality of devices that are authorized to access the system.
4. The method of claim 1, wherein the authorization ticket includes a public key associated with the first device.
5. The method of claim 4, wherein the authenticating or the system access is determined by credentials associated with the first device, and wherein the credentials are at least one of shared secret keys, public keys, authorization information, a list of services, or billing information.
6. The method of claim 1, wherein the authorization ticket comprises an identity of the first device.
7. The method of claim 1, wherein the authorization ticket further comprises a validity range during which the authorization ticket is valid, and a cryptographic signature.
8. The method of claim 1, wherein the authorization ticket further includes device configuration information.
9. A wireless communications apparatus for spectrum authorization and access control by a spectrum provider, comprising: a memory that retains instructions related to: receiving, by the spectrum provider, a request from a first wireless device for system access, authenticating the first device, determining system access that can be authorized for the first device, generating an authorization ticket for the first device based in part on the system access determined for the first device, the authorization ticket including a first licensed radio frequency spectrum use authorization information indicating that the first device is allowed to use a licensed radio frequency spectrum for data communication, generating a second authorization ticket for a second wireless device, based in part on authorized system access permitted to the second device, the second authorization ticket including a second licensed radio frequency spectrum use authorization information indicating that the second device is allowed to use the licensed radio frequency spectrum for data communication, sending the first licensed radio frequency spectrum use authorization information to the second device from the first device, authenticating use of the licensed radio frequency spectrum by the first device, establishing a validated communication session between the first device and the second device using the first licensed radio frequency spectrum use authorization information, and permitting use by the first device of only the services allowed on the licensed radio frequency spectrum based on the first licensed radio frequency spectrum use authorization information; and a processor, coupled to the memory, configured to execute the instructions retained in the memory.
10. The wireless communications apparatus of claim 9, wherein the authorization ticket for the first device includes an IP address.
11. The wireless communications apparatus of claim 9, wherein determining system access comprises consulting a configuration parameters database that contains a listing of a plurality of devices that are authorized to access the system.
12. The wireless communications apparatus of claim 9, wherein the authenticating or the system access is determined by credentials associated with the first device, and wherein the credentials include at least one of shared secret keys, public keys, authorization information, a list of services, or billing information.
13. The wireless communications apparatus of claim 9, wherein the authorization ticket comprises an identity of the first device, a validity period during which the authorization ticket is valid, and a cryptographic signature.
14. A wireless communications apparatus that provides spectrum authorization, comprising: means for receiving, by the spectrum provider, a request from a first wireless device for system access; means for authenticating the first device; means for determining system access that can be provided to the first device; means for generating an authorization ticket for the first device based on the system access determined for the first device, the authorization ticket including a first licensed radio frequency spectrum use authorization information indicating that the first device is allowed to use a licensed radio frequency spectrum for data communication; means for generating a second authorization ticket for a second wireless device, based on authorized system access permitted to the second device, the second authorization ticket including a second licensed radio frequency spectrum use authorization information indicating that the second device is allowed to use the licensed radio frequency spectrum for data communication; means for sending the first licensed radio frequency spectrum use authorization information to the second device from the first device; means for authenticating use of the licensed radio frequency spectrum by the first device; means for establishing a validated communication session between the first device and the second device using the first licensed radio frequency spectrum use authorization information; and means for permitting use by the first device of only the services allowed on the licensed radio frequency spectrum based on the first licensed radio frequency spectrum use authorization information.
15. The wireless communications apparatus of claim 14, wherein the authorization ticket for the first device includes an IP address.
16. The wireless communications apparatus of claim 14, further comprising means for consulting a configuration parameters database that contains a listing of a plurality of devices that are authorized to access the system.
17. A computer program product for spectrum authorization and access control by a spectrum provider, comprising: a non-transitory computer-readable medium comprising: a first set of codes for causing a computer to receive, by the spectrum provider, a request from a first device for system access, the first device being a first wireless device; a second set of codes for causing the computer to perform authentication of the first device; a third set of codes for causing the computer to determine system access that can be authorized for the first device; a fourth set of codes for causing the computer to generate an authorization ticket for the first device based on the system access determined for the first device, the authorization ticket including a first licensed radio frequency spectrum use authorization information indicating that the first device is allowed to use a licensed radio frequency spectrum for data communication; and a fifth set of codes for causing the computer to generate a second authorization ticket for a second device, the second device being a second wireless device, based on authorized system access permitted to the second device, the second authorization ticket including a second licensed radio frequency spectrum use authorization information indicating that the second device is allowed to use the licensed radio frequency spectrum for data communication; a sixth set of codes for causing the computer to send the first licensed radio frequency spectrum use authorization information to the second device from the first device; a seventh set of codes for causing the computer to authenticate use of the licensed radio frequency spectrum by the first device; an eighth set of codes for causing the computer to establish a validated communication session between the first device and the second device using the first licensed radio frequency spectrum use authorization information; and a ninth set of codes for causing the computer to permit use by the first device of only the services allowed on the licensed radio frequency spectrum based on the first licensed radio frequency spectrum use authorization information.
18. The computer program product of claim 17, wherein determining system access comprises consulting a configuration parameters database that contains a listing of a plurality of devices that are authorized to access the system, and wherein the authenticating or the system access is determined based on credentials associated with the first device, wherein the credentials include at least one of shared secret keys, public keys, authorization information, a list of services, or billing information.
19. The computer program product of claim 17, wherein the authorization ticket comprises an identity of the first device, a validity range during which the authorization ticket is valid, and a cryptographic signature.
20. The computer program product of claim 17, wherein the authorization ticket comprises a public key associated with the first device, and wherein the validated communication session is configured to carry data of a type and manner specified in a list of allowed services included in the authorization ticket and the second authorization ticket.
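The ticket contents and checks recited in claims 1, 7 and 20, as an added Python example that is not part of the patent: the authorization server issues a ticket carrying the device identity, public key, IP address, allowed services and validity range; a peer verifies the ticket before the validated link is enabled; and the link is then restricted to the services listed in both tickets (the intersection is this example's reading of claim 20). The claimed cryptographic signature is stood in for by an HMAC under a key shared by the authorization server and the verifying devices, and every field value is constructed; both are assumptions of this example.

```python
import hashlib
import hmac
import json

# Constructed key standing in for the authorization server's signing key (assumption).
SERVER_KEY = b"constructed-authorization-server-key"


def _canonical(fields: dict) -> bytes:
    """Deterministic encoding of the ticket body so issuer and verifier sign the same bytes."""
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()


def issue_ticket(server_key, device_id, public_key, ip_address, services, not_before, not_after):
    """Authorization server side: assemble the ticket body and attach the signature."""
    body = {
        "device_id": device_id,        # identity of the device (claim 6)
        "public_key": public_key,      # device public key (claim 4)
        "ip_address": ip_address,      # claim 2
        "services": sorted(services),  # allowed services on the licensed spectrum
        "not_before": not_before,      # validity range (claim 7)
        "not_after": not_after,
    }
    sig = hmac.new(server_key, _canonical(body), hashlib.sha256).hexdigest()
    return {"body": body, "sig": sig}


def verify_ticket(server_key, ticket, now) -> bool:
    """Peer side: accept only an untampered ticket whose validity range covers 'now'."""
    expected = hmac.new(server_key, _canonical(ticket["body"]), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, ticket["sig"]):
        return False
    body = ticket["body"]
    return body["not_before"] <= now <= body["not_after"]


def establish_session(server_key, ticket_a, ticket_b, now):
    """Enable the validated link only if both tickets verify; return the services
    allowed on it (those listed in both tickets), or None when the link is refused."""
    if not (verify_ticket(server_key, ticket_a, now) and verify_ticket(server_key, ticket_b, now)):
        return None
    return sorted(set(ticket_a["body"]["services"]) & set(ticket_b["body"]["services"]))


def permit_service(session_services, service) -> bool:
    """Gate each service request on the session's allowed-service list."""
    return session_services is not None and service in session_services
```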